Hi,
I am very new to the ethereal source code. I want to add a dissector
that understands my protocol – "my_proto".
Problem statement:
I have a binary file my_proto_dump.log. This file has packets received
by my application.
I want ethereal to read from a binary file packets in my_proto
protocol and then be able to dissect these packets and produce an
output file.
I am having a hard time understanding how to join the pieces together.
I have a few questions about this.
1. To make ethereal dissect my protocol I have to add a dissector,
right? I would have to add under plugins/my_proto.c – which is my
dissector. This step has been explained nicely in the manual. I did
this.
2. How do I make ethereal call my dissector?
3. Do I have to make changes to add my capture file type in the wiretap/ dir?
4. What is the difference between read and seek_read functions? Do I
have to return the packet in the wth->format_buffer? Is this packet
used by the dissector to dissect? If yes, this packet should have all
the bits I mention in the dissector code?
5. After this, what is the ethereal output format? Do I have to specify
the output format also?
6. In the end, how do I make all this work together?
I am quite confused right now. If someone could just lay out the steps
in front of me, I would be sure this is doable.
Thank you for all your suggestions and help in advance. I really need
someone to clear the cloud for me.
Thanks
--
Thanks and Regards,
Neha Chahal
Cell- 443 207 0414